How TeamViewer Stores Passwords
TeamViewer is a popular program for remote desktop connection. Therefore, we are quite interested to see how this program stores passwords. In short, all passwords are stored in the Windows registry in encrypted form. For encryption, the AES-128-CBC algorithm and the secret key 0602000000a400005253413100040000 are used. This method of saving passwords and the associated privilege escalation was officially registered on February 7, 2020, as the vulnerability CVE-2019-18988 (this vulnerability applies to all versions of TeamViewer up to and including 07/14/1965).
The novice security specialist who unveiled this vulnerability stumbled upon this vulnerability by accident. He says that he worked for the client and during the backup, he noticed TeamViewer registry keys called